On 2024-12-16 13:22, Michael Tokarev via Postfix-users wrote: > > This is exactly why I started this whole thread: is chroot in postfix worth > the efforts these days or not, from the upstream PoV? And the very first
Linux chroot() was never _worth_ any trouble. It should have been used when it was _convenient_, i.e. easing the job (like: testing new packages without trashing main system), not when you need to fight against it. All of the chroot features, fine grained, and even more are now much easier to set up with namespaces, syscomp filters, BPFs, CGroups, capabilities etc. This is not SELinux madness with unauditable rules... _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
